|
|
|
|
|
|
by necovek
1005 days ago
|
|
|
I generally avoid non-trusted utilities altogether. I am most likely to load up data (for the use cases mentioned in the extension description) into a Python shell and deal with it using json, base64, pprint and similar modules. Some things I can do with regular POSIX and GNU tools directly from the CLI, so I'd trust those too on my Debian/Ubuntu systems (where there is usually a guarantee you can get the source code for the binary you are running). It's definitely possible Debian/Ubuntu experience a supply chain attack too, but it's significantly less likely than a random library from github IMO. |
|
|